Cybersecurity Incident Roundup: $13M Abortive Abracadabra Hack and More In a significant breach impacting the decentralized finance (DeFi) landscape, a vulnerability in the smart contracts of the Abracadabra/Spell protocol allowed hackers to make off with approximately $13 million worth of Ethereum (ETH) tokens. This theft marks a sobering continuance of…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Also covered: The Recent Ransomware Surge, Controversies Surrounding the Crypto Reserve Anna Delaney (annamadeline) • March 7, 2025 Clockwise from top left: Anna Delaney, Tony Morbin, Chris Riotta, and Mathew Schwartz This week, ISMG editors convened to address the escalating threat…
The Duplin County Sheriff’s Office has issued a warning regarding a sophisticated email scam targeting individuals within the community. This fraudulent campaign employs intimidation tactics, with scammers alleging they have gained unauthorized access to personal devices and sensitive information. Victims are coerced into paying the perpetrators through Bitcoin or other…
Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime Crypto Firm Offers Up to $140M Bounty for Recovery of Hacked Funds Rashmi Ramesh (rashmiramesh_) • February 24, 2025 Image: Shutterstock In a notable development in the cryptocurrency sector, Bybit, a compromised crypto exchange, has successfully replenished $1.4 billion in Ether…
A collaborative advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) highlights the persistent threat posed by Ghost ransomware, also referred to as Cring. Active since early 2021, this cybercriminal group, which operates from…
Recent cyber activities linked to North Korean threat actors, particularly the Kimsuky group, demonstrate a notable evolution in their techniques. They are increasingly leveraging living-off-the-land (LotL) strategies, relying on common services to remain undetected. A recent operation, identified as “DEEP#DRIVE” by Securonix, exemplifies this trend, utilizing PowerShell scripts and Dropbox…
This report covers topics such as Data Breach Notification, Data Security, and Fraud Management & Cybercrime. LockBit and BlackCat/ALPHV Decline Linked with Diminishing Big-Game Hunting Mathew J. Schwartz (euroinfosec) • February 6, 2025 While ransomware remains a lucrative avenue for operators, 2024 has seen a significant downturn in the financial…
In recent developments surrounding ransomware operations, evidence suggests that two prominent groups, AlphV and Lockbit, experienced significant setbacks amid heightened law enforcement scrutiny. AlphV, which reportedly extracted a staggering $22 million ransom from Change Healthcare, executed an “exit scam” shortly thereafter, pocketing the funds and vanishing without compensating the hackers…
This week in cybersecurity began with significant developments, including the abrupt shutdown of TikTok for users in the United States late Saturday night, as the deadline approached for Apple and Google to comply with a government mandate to withdraw the popular video-sharing app from their platforms. Despite the temporary ban,…
